AMENDMENTS TO THE CLAIMS: 

1 . (Currently amended) A method for associating computer network identifications 
with network policies, said method comprising the steps of: 

analyzing a network interface associated with a client computer using a 
plurality of network detectors, the detectors outputting a set of netspecs, 
each netspec comprising a first token identifying a detector used for the 
analysis and a second token identifying the analyzed network interface; 

determining network identifications associated with a client computer; 

associating the network identifications made by the netspecs with locations; 
and 

feeding associated network identification/location pairs to a network interface 
module to implement desired network policies. 

2. (Original) The method of claim 1 wherein the network interface module is a 
module from the group of modules consisting of a firewall, a router, a sniffer, an intrusion 
detection module, a behavior blocking module, and a network communications module. 

3. (Original) The method of claim 1 wherein the network interface module is a 
firewall, and a user of the client computer adjusts firewall settings to set network policies 
based upon location. 

4. (Canceled). 

5. (Currently amended) The method of claim [[4]]J_ wherein the set of netspecs is 
prioritize d based at least in part on the detectors that output the netspecs . 

6. (Original) The method of claim 5 wherein a user of the client computer prioritizes 
the set of netspecs via a prioritization module. 
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7. (Currently amended) The method of claim 1 wherein the step of associating the 
network identifications with locations comprises using a network probe to look up locations 
in a netspec database. 

8. (Original) The method of claim 7 wherein a user of the client computer modifies 
the netspec database via a location setting module. 

9. (Currently amended) The method of claim 1 wherein the step of feeding the 
associated network identification/location pairs to a network interface module comprises 
using a policy guide to feed the network identification/location pairs to the network interface 
module on a real-time basis. 

10. (Currently amended) Apparatus for associating computer network identifications 
with network policies, said apparatus comprising: 

means for analyzing a network interface associated with a client computer 
using a plurality of network detectors, the detectors outputting a set of 
netspecs, each netspec comprising a first token identifying a detector used 
for the analysis and a second token identifying the analyzed network 
interface; 

moans for determining network identifications associated with a client 
computer; 

coupled to the analyzing determining means, means for associatin g the 
network identifications made by the netspecs with locations; and 

coupled to the associating means, means for feeding associated network 
identification/location pairs to a network interface module to implement 
desired network policies. 
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1 1 . (Original) The apparatus of claim 10 wherein the network interface module is a 
module from the group of modules consisting of a firewall, a router, a sniffer, an intrusion 
detection module, a behavior blocking module, and a network communications module. 

12. (Original) The apparatus of claim 10 wherein the network interface module is a 
firewall, and the network policies are implemented on a packet-by-packet basis. 

13. (Original) The apparatus of claim 12 wherein locations are correlated with 
firewall settings on a distributed basis within the firewall. 

14. (Canceled). 

15. (Currently amended) The apparatus of claim [[14]] 10 further comprising^ 
coupled to the network probe, a prioritization module adapted to enable a user of 
the client computer to prioritize the netspecs based at least in part on the 
detectors that output the netspecs . 

16. (Currently amended) The apparatus of claim 10 wherein the associating means 
further comprises: 

a network probo adapted to produce notspocs corresponding to network 
identifications; and 

coupled to the network probo, a netspec database associating the netspecs with 
the locations. 

17. (Currently amended) The apparatus of claim 16 further comprising, coupled to 
the netspec database, a location setting module adapted to enable a user of the client 
computer to associate the locations with the netspecs. 

18. (Currently amended) The apparatus of claim 10 wherein the feeding means 
comprises: 
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a policy guide for associating the network identifications with the locations; 
wherein 

the network interface module implements the network policies based upon the. 
locations fed to the network interface module by the policy guide. 

19. (Currently amended) The apparatus of claim 10 further comprising, coupled to 
the network interface module, a user interface adapted to enable a user of the client computer 
to associate thejocations with the_network policies. 

20. (Canceled). 

21. (Currently amended) At least one computer-readable medium containing 
computer program instructions for associating computer network identifications with 
network policies, said computer program instructions performing the steps of: 

analyzing a network interface associated with a client computer using a 

plurality of network detectors, the detectors outputting a set of netspecs, 
each netspec comprising a first token identifying a detector used for the 
analysis and a second token identifying the analyzed network interface; 

determining network identifications associated with a client computer; 

associating the network identifications made by the netspecs with locations; 
and 

feeding associated network identification/location pairs to a network interface 
module to implement desired network policies. 

22. (New) The method of claim 1, wherein the client computer has a plurality of 
network interfaces and further comprising: 



Case 08701 (Amendment A) 
U.S. Serial No. 10/826,468 



5 



20423/0870 1/DOCS/l 899 132.4 



analyzing each of the plurality of network interfaces using the plurality of 

network detectors; and 
analyzing the netspecs for the plurality of network interfaces output by the 

plurality of network detectors to identify a set of unique network 

interfaces; 

wherein interfaces in the set of unique network interfaces are associated with 
locations responsive to the set of netspecs. 
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